In the Claims 

1 . (Currently amended) A graphical user interface for representing and facilitating user manipulation 

of revocable access control settings for a resource comprising: 

one or more display regions for graphical representations of access control settings for the 
resource which resuh from transformations applied to the structured data which defines the 
access control settings for the resource; and 

one or more display regions for representation of the resource; 

wherein the set of display regions for representations of the settings and the display region for 

representation of the resource appear to the operator as in an integrated graphical user interface. 

2. (Original) The graphical user interface of claim 1, wherein one or more functions modify the spatial 
layout of the display regions. 

3. (Original) The graphical user interface of claim 1, wherein one or more fimctions modify the 
number of the display regions. 

4. (Original) The graphical user interface of claim 1, wherein one or more functions modify the 

transformations that are applied to the structured data. 

5. (Original) The graphical user interface of claim 1, wherein a user is graphically represented by a 
display element comprising, at least in part, a likeness of the user. 

6. (Original) The graphical user interface of claim 5, wherein the likeness comprises, at least in part, a 
digital photograph, processed by a method including at least one step selected from the set of: adjusting 
image color saturation toward a predetermined target saturation level; converting to grayscale; 
adjusting image brightness toward a predetermined target brightness level; adjusting image contrast 
toward a predetermined target contrast level; adjusting image sharpness toward a predetermined target 
sharpness level; and masking with a shape selected from a set comprising ovals and outlines of a bust. 

7. (Previously presented) The graphical user interface of claim 1, wherein the set of display regions 
further comprises: 

a display region for a graphical representation of a set of groups, users and roles and their 
respective access privileges as defined by existing structured data for the resource; and 



election and amendment 



page 4 of 35 



10/802,658 



a display region for a graphical representation of the result of transforming the set of groups and 
users and their respective access privileges into a corresponding set of individual users only and 
their respective effective access privileges. 

8. (Currently amended) The graphical user interface of claim 1, further comprising a first display 
region for a graphical representation of at least one set of known users and groups, wherein the operator 
can designate indicia for [[the]] known users and groups and visually associate the designated indicia 
with a second display region to change the structured data which defines the access control settings for 
the resource. 

9. (Original) The graphical user interface of claim 8, wherein the first display region is reduced in size 
until activated by the user, and the first display region is increased in size upon activation. 

10. (Currently amended) A graphical user interface for representing access log information and access 
control settings for a resource, wherein at least one display region contains a graphical representation of 
a set comprising one or more individual users, and wherein each of the individual users is graphically 
represented by a visual element which comprises: 

the identity of the individual user having read privilege for the resource; and 

a differing visual clement for indicating [[tlmt]] if the user has write privilege for the resource; 
and one or more of the following visual elements: 

the time of the most recent read access by the user to the resource; 

the time of the most recent write access by the user to the resource; 

indication whether the most recent write access by the user to the resource is the most recent 
write access by any user to the resource; 

indication whether the most recent read access by the user to the resource has been before the 

most recent write access by any user to the resource; 

indication whether the most recent read access by the user to the resource has been since the 
most recent write access by any user to the resource; and 

indication whether the user currently is without read privilege for the resource. 
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1 1 . (Original) The graphical user interface of claim 10, wherein the set of individual users consists of: 
the set of users who have any access privilege at all for the resource; and the set of users who have 
accessed the resource in the past although they currently are without any access privilege for the 
resource. 

12. (Original) The graphical user interface of claim 10, further comprising a display region for a 
representation of the resource, wherein the display region for representation of the set of users and the 
display region for representation of the resource appear to the operator as an integrated graphical user 
interface. 

13. -27. (Canceled) 

28. (New) The graphical user interface of claim 10, wherein graphical representations of users are 
sorted by one or more of the following attributes: 

the time of the most recent access by the user; 

the time of the most recent write access by the user; and 

current privileges the user has for the resource. 

29. (New) The graphical user interface of claim 10, wherein a user is graphically represented by a 
display element comprising, at least in part, a likeness of the user. 

30. (New) The graphical user interface of claim 12, wherein the set of individual users consists of: the 
set of users who have any access privilege at all for the resource; and the set of users who have 
accessed the resource in the past although they currently are without any access privilege for the 

resource. 

3 1 . (New) The graphical user interface of claim 12, wherein graphical representations of users are 
sorted by one or more of the following attributes: 

the time of the most recent access by the user; 

the time of the most recent write access by the user; and 
current privileges the user has for the resource. 

32. (New) The graphical user interface of claim 12, wherein a user is graphically represented by a 
display element comprising, at least in part, a likeness of the user. 
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33. (New) The graphical user interface of claim 8, wherein the set further comprises access control 
settings macros and the operator can designate indicia for macros and visually associate the designated 
indicia with the second display region to change the structured data which defines the access control 
settings for the resource. 
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